CVE-2021-27616
CVE-2021-27616
Vexday Risk Score
21Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 7.8EPSS 0.3%KEV nãoPoC —Nuclei —Metasploit —Patch —
Lifecycle
11 May 2021Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Under certain conditions, SAP Business One Hana Chef Cookbook, versions - 8.82, 9.0, 9.1, 9.2, 9.3, 10.0, used to install SAP Business One for SAP HANA, allows an attacker to exploit an insecure temporary backup path and to access information which would otherwise be restricted, resulting in Information Disclosure vulnerability highly impacting the confidentiality, integrity and availability of the application.
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected products
SAP SE · SAP Business One, version for SAP HANA (Cookbooks)Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →